<?
//echo GetBigFileBlock(0);

import_request_variables("gp", "g_");

ProcessPage();

function ProcessPage()
{

if ($_SESSION['s_loggedin'] == "yes")
//if(isset($_SESSION['s_name']))
{
	switch ($GLOBALS['g_type'])
	{
		case 'category':
			echo WorkOnCategory();
			break;
		case 'profile':
			echo WorkOnProfile();
			break;
		case 'file':
			echo WorkOnFile();
			break;
		case 'upload':
			echo WorkOnUpload();
			break;
		case 'update':
			echo WorkOnUpdate();
			break;
		case 'contact':
			echo WorkOnContact();
			break;
		case 'download':
			echo WorkOnDownload();
			break;
		case 'search':
			echo WorkOnSearch();
			break;
		case 'commentposted':
			echo WorkOnCommentPost();
			break;
		case 'failsafe':
			echo WorkOnLogin();
			break;
		default:
			echo WorkOnHome();
			break;
	}
}
else
{
	switch ($GLOBALS['g_type'])
	{
		case 'login':
			echo ProcessLogin();
			break;
		default:
			echo WorkOnLogin();
			break;
	}
}
}

function WorkOnCategory()
{
	return GetBigFileBlock($GLOBALS['g_page']);
}

function WorkOnProfile()
{
	return GetPageProfileBlock($GLOBALS['g_page']);
}
function WorkOnFile()
{
	return GetPageFileBlock($GLOBALS['g_page']);
}
function WorkOnHome()
{
$greeting = array('Hola','Hello','\'Allo','Bonjour','Hi','Hey','Yo','\'Sup','What\'s
up','Wassup','Howdy','Aloha','Hiya','Salutations','Welcome','Oi');
	$out = '';

	$out .= '<div class="center-module">';
	$out .= '<div class="title">'.$greeting[rand(0,count($greeting)-1)].' '.$_SESSION['s_name'].'!</div>';
	$out .= 'Here\'s your latest selection of notes hot off the server rack, with some of our more popular picks thrown in for flavour.';
	$out .= '</div>';
	
	$out .= GetBigFileBlockNum(-2,3);

	$out .= GetBigFileBlockNum(-3,3);

	return $out;
}

function WorkOnLogin()
{
	$greeting = array('Hola','Hello','\'Allo','Bonjour','Hi','Hey','Yo','\'Sup','What\'s 
up','Wassup','Howdy','Aloha','Hiya','Salutations','Welcome','Oi');
	$out = '';

	$out .= '<div class="center-module">';
	$out .= '<div class="title">'.$greeting[rand(0,count($greeting)-1)].'!</div>';
	$out .= 'We\'re gonna need you to tuck in that shirt and show us some ID before we let you in.';
	$out .= '<form name="login" action="index.php?type=login" method="post">';
	$out .= '<br><br>Email: <input type="text" name="user">';
	$out .= '<br><br>Password: <input type="password"name="passwd"><br>';
	$out .= '<br><br><input type="submit" value="Log in"><br>';
	$out .= '<br><br><center><i>Your login details will be saved on your computer</i></center>';
	$out .= '</div>';
	
	return $out;
}

function ProcessLogin()
{
	$out .= '<div class="center-module">';
	$out .= '<div class="title">Whoa!</div>';
	$out .= 'Sorry, looks like your login details are inaccurate at best.  Why don\'t you try again?';
	$out .= '<form name="login" action="index.php?type=login" method="post">';
	$out .= '<br><br>Email: <input type="text" name="user">';
	$out .= '<br><br>Password: <input type="password"name="passwd"><br>';
	$out .= '<br><br><input type="submit" value="Log in"><br>';
	$out .= '<br><br><center><i>Your login details will be saved on your computer</i></center>';
	$out .= '</div>';
	echo $out;
}

function WorkOnUpload() 
{
	global $settings;
	if(!isset($GLOBALS['g_filedesc']))
	{
		echo GetUploadPage();
	}
	else
	{
		$uploaddir = $settings['root'].'notes/';
		$uploadfile = $uploaddir . basename($_FILES['notesfile']['name']);
		if (move_uploaded_file($_FILES['notesfile']['tmp_name'], $uploadfile)) {
			echo "Thanks! You submission should be listed starting from the next page you visit.";
		} else {
			echo "Ooops! This doesn't look very good... Do you think you could bear with me and try again?  If not 
please contact the admin!";
		}
		$epoch = time();
		$fn = basename($_FILES['notesfile']['name']);
		$query = "INSERT INTO files (file,title,description,uploader,time,flag,hide,downloads,category) VALUES('$fn','$GLOBALS[g_filetitle]','$GLOBALS[g_filedesc]', '$_SESSION[s_id]',$epoch,0,0,0,$GLOBALS[g_filecategory])";
		//$db = ConnectToDB();
		$r = mysql_query($query);
	}
}

function WorkOnContact() {}
function WorkOnUpdate()
{
	if (!isset($GLOBALS['g_action']))
	{
		$out .= '<div class="center-module">';
		$out .= '<div class="title">Update Profile</div>';
		//	$out .= 'Here'';
		$out .= '<form name="login" action="index.php?type=update&action=save" method="post">';
		$out .= '<br><br>Name: <input type="text" name="name">';
		$out .= '<br><br>Surname: <input type="text" name="surname">';
		$out .= '<br><br>Nickname: <input type="text" name="handle">';
		$out .= '<br><br>Email: <input type="text" name="email" readonly="true">';
		$out .= '<br><br>';
		$out .= '<br><br>Old Password: <input type="password" name="oldpassword"><br>';
		$out .= '<br><br>New Password: <input type="password" name="newpassword"><br>';
		$out .= '<br><br>Confirm New Password: <input type="password" name="checkpassword"><br>';
		$out .= '<br><br><input type="submit" value="Save"><br>';
		$out .= '<br><br>';
		$out .= '</div>';
	}
	else
	{
		if ($GLOBALS['g_action'] == 'save')
		{
			$db = ConnectToDB();
			$query = "UPDATE users SET name='$GLOBALS[g_name]', surname='$GLOBALS[g_surname]', handle='$GLOBALS[g_handle]' WHERE email='$_SESSION[s_email]'";
			$out .= '<div class="center-module">';
			$out .= '<div class="title">Done!</div>';
			if (strlen($g_oldpassword) > 0)
			{
			/*	if(CheckPassword($_SESSION['s_id']) && ($GLOBALS['g_newpassword'] == $GLOBALS['$g_checkpassword']))
				{
					$newpass = md5($GLOBALS['g_newpassword']);
					$query2 = "UPDATE users SET password='$newpass' WHERE email='$_SESSION[s_email]'";
					$r2 = mysql_query($query2);
				}
				else
				{	
					$out .= "Error Changing Password";
				}
			*/
			}
			$r = mysql_query($query);

			$out .= 'You profile has been changed.';
			$out .= '</div>';
		}
	}
	echo $out;

}

function WorkOnDownload() 
{
	global $settings;
	$uploaddir = $settings['root'].'notes/';
	$uploadfile = $uploaddir . basename($_FILES['notesfile']['name']);
	echo $uploadfile;
	if (move_uploaded_file($_FILES['notesfile']['tmp_name'], $uploadfile)) {
		echo "Success!";
	} else {
		echo "Ooops! This doesn't look very good...";
	}
	$epoch = time();
	$fn = basename($_FILES['notesfile']['name']);
	$query = "INSERT INTO files (file,title,description,uploader,time,flag,hide,downloads,category) VALUES('$fn','$GLOBALS[g_filetitle]','$GLOBALS[g_filedesc]', '$_SESSION[s_id]',$epoch,0,0,0,$GLOBALS[g_filecategory])";
	echo $query;
	//$db = ConnectToDB();
	$r = mysql_query($query);
}

function WorkOnCommentPost()
{
	global $g_file, $g_comment;
	echo CommentPostedBlock($g_file, $_SESSION['s_id'], $g_comment);
}

function WorkOnSearch()
{
	/*
		mela here's the plan...
		1. create search.php file in /library/banks
		2. strtotime function converts nearly any string to a date
		3. look for all keywords (such as 'from:' 'to:' 'uploader:')
		4. uploader: must be in "
		5. can stop parsing from: and to: when it is deemed the date has ended (i.e. no month after 
day, no year after month, or when year is reached).
	*/
}

?>
